0ff2b167409293d0c22494b3f6f3ad2b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0ff2b167409293d0c22494b3f6f3ad2b_JaffaCakes118
Size

224KB
MD5

0ff2b167409293d0c22494b3f6f3ad2b
SHA1

12e75cb7e786b4cd3ff5ee44174e4ebf9f08a2b0
SHA256

6c92ea5a25bfa9f6752377b39dc04eed3387ed2413e2542368b1839988b1f1bf
SHA512

0f2a424da3de158dc06d589518d5ef1fb835450e96da1d39532becd812b731dd0cd0f8cd90e0bd7279af68d5248874a9b15e944f73c74f68bccb8f8019c9643a
SSDEEP

6144:QgPu7RyTtaJR9uOmWPXdpXAWZHYnLSM3AM1+z0G+mc:Vmf5mWPNpxZHiGM3A5Ym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ff2b167409293d0c22494b3f6f3ad2b_JaffaCakes118

Files

0ff2b167409293d0c22494b3f6f3ad2b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ad4eccf562af692cd3e446cd0a7e9826

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\zGxzXfnpqzdGk\tscfsJzwrYt\urkrpZzurdjz\wXnvojHlld.pdb

Imports

shlwapi

PathStripPathW

msvcrt

sprintf
isalnum
wcsstr
fseek
_controlfp
isupper
__set_app_type
__p__fmode
getenv
setlocale
__p__commode
_amsg_exit
atol
fclose
iswprint
_initterm
printf
_acmdln
exit
_ismbblead
gmtime
strrchr
gets
iswspace
remove
_XcptFilter
realloc
_exit
strtoul
toupper
wcspbrk
_cexit
wcschr
__setusermatherr
__getmainargs
wcstol
towupper
rand
swscanf
ungetc

comctl32

ImageList_Destroy
ImageList_LoadImageW
ImageList_Read
CreatePropertySheetPageA
ImageList_Create

gdi32

Polyline
GetSystemPaletteEntries
GetDeviceCaps
PtVisible
GetTextExtentExPointW
CreateSolidBrush
StretchDIBits
GetTextExtentPoint32A
SelectObject
CreateFontW
ScaleWindowExtEx
GetStockObject
PathToRegion
GetPixel
RestoreDC
Rectangle
StartDocW
EnumFontFamiliesW
CreatePalette
ExcludeClipRect
CreateHatchBrush
CreateBitmap
GetClipBox
SetTextAlign
CreateRectRgn
SetStretchBltMode
CreateFontA
SetDIBits
SetTextColor
LineTo
OffsetViewportOrgEx
GetDIBColorTable
ExtFloodFill
GetPaletteEntries
CreateRectRgnIndirect

kernel32

FileTimeToSystemTime
IsBadWritePtr
GetTempFileNameW
GetACP
CreateFileMappingW
GetOEMCP
SetThreadLocale
GetTickCount
GetFullPathNameA
GlobalReAlloc
VerifyVersionInfoW
RtlUnwind
GlobalAddAtomA
DeleteCriticalSection
lstrcatW
BuildCommDCBAndTimeoutsW
FormatMessageA
SetSystemTime
OpenEventW
OpenFileMappingA
GetExitCodeThread
lstrcpyW
LocalAlloc
SetWaitableTimer
CreateMutexA
GetCommProperties
OpenEventA
GetCurrentThread
lstrcmpA
RaiseException
WaitForMultipleObjectsEx
lstrcmpiA
GetTempFileNameA
GetCommConfig
SizeofResource
LeaveCriticalSection
CloseHandle
SetThreadContext
CreateFileMappingA
LockResource
IsValidLanguageGroup

user32

InvertRect
DrawFocusRect
SetTimer
GetScrollRange
GetParent
CascadeWindows
DefFrameProcA
InvalidateRect
SwitchToThisWindow
GrayStringW
GetMenuState
GetUserObjectInformationW
GetKeyboardLayoutNameW
ReplyMessage
SwapMouseButton
ShowWindow
GetPropW
DrawAnimatedRects
CharToOemW
ScrollWindowEx
DrawTextA
CreateDialogParamA
DefWindowProcW
TileWindows
GetDlgItem
RegisterHotKey
CreateCursor
SetCursor
MapDialogRect
UnionRect
ChildWindowFromPointEx
CopyImage
OpenIcon
SetClassLongW
MapVirtualKeyW
GetSysColor
EndPaint
RegisterClassA
DispatchMessageW
GetDesktopWindow
GetTopWindow
InflateRect
GetWindowTextW
ClipCursor
GetMenuItemCount
ChangeMenuW
RegisterClassW
GetClassInfoExW
SetWindowLongW
CheckMenuItem
InsertMenuItemW
SendInput
CreateMenu
ShowCursor
RedrawWindow
IsCharUpperA
HideCaret
GetMenuCheckMarkDimensions
MonitorFromRect
InternalGetWindowText
IsWindowVisible
DefDlgProcW
InSendMessage
DrawTextW
EnumWindows
DrawStateA
LoadIconA
SendNotifyMessageW
GetForegroundWindow
GetScrollPos
GetDialogBaseUnits
DestroyWindow
SetActiveWindow
GetClassLongW
EnumThreadWindows
SetCursorPos
CheckRadioButton
SendMessageTimeoutW
DrawTextExW
MonitorFromPoint
RemovePropW
CharUpperW
MapVirtualKeyExW
GetMenu
DeleteMenu
LoadImageW
DialogBoxIndirectParamW
LoadStringA

Exports

Exports

?SleepAhHJDud@@YGKEPA_WG@Z
?SleepUDSUDlkdlsds@@YGKEPA_WG@Z
?SleepUDudjkUD@@YGKEPA_WG@Z
?SleepYDyjDuUI@@YGKEPA_WG@Z

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 227B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad4eccf562af692cd3e446cd0a7e9826

Headers

File Characteristics

PDB Paths

Imports

shlwapi

msvcrt

comctl32

gdi32

kernel32

user32

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 74KB

.edata Size: 512B - Virtual size: 227B

.data Size: 19KB - Virtual size: 19KB

.rdata Size: 1024B - Virtual size: 64KB

.rsrc Size: 115KB - Virtual size: 114KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 74KB - Virtual size: 74KB

.edata
Size: 512B - Virtual size: 227B

.data
Size: 19KB - Virtual size: 19KB

.rdata
Size: 1024B - Virtual size: 64KB

.rsrc
Size: 115KB - Virtual size: 114KB

.reloc
Size: 2KB - Virtual size: 1KB